﻿using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
using Microsoft.AspNetCore.Identity;
using System.Collections.Generic;
using System.Security.Claims;

namespace Batman.Identity.Config
{
    public class IdentityConfig
    {
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>()
            {
                new ApiResource("api1", "My Api", new List<string>{
                    "Role",
                    "Uri"
                })
            };
        }

        public static IEnumerable<Client> GetClients()
        {
            var secret = new Secret { Value = "mysecret".Sha512() };

            return new List<Client>()
            {
                new Client
                {
                    ClientId = "mvc",
                    ClientName = "MVC Client",
                    AllowedGrantTypes = GrantTypes.Implicit,
                    // where to redirect to after login
                    RedirectUris = { "http://localhost:8802/signin-oidc" },
                    // where to redirect to after logout
                    PostLogoutRedirectUris = { "http://localhost:8802/signout-callback-oidc" },
                    AllowedScopes = new List<string>
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile
                    }
                },
                new Client
                {
                    ClientId = "UserManagement",
                    ClientName = "用户管理系统",
                    AllowedGrantTypes = GrantTypes.Hybrid,
                    RedirectUris = { "http://localhost:8080/index.html" },
                    PostLogoutRedirectUris = { "http://localhost:8080/callback.html" },
                    AllowedScopes = new List<string>
                    {
                        IdentityServerConstants.StandardScopes.OpenId,

                        IdentityServerConstants.StandardScopes.Profile
                    }
                },
                new Client
                {
                    AllowAccessTokensViaBrowser = true,

                    ClientId = "js",
                    ClientName = "JavaScript Client",
                    AllowedGrantTypes = GrantTypes.Implicit,
                    RequirePkce = true,
                    RequireClientSecret = false,

                    RedirectUris =           { "http://localhost:8080/callback.html" },
                    PostLogoutRedirectUris = { "http://localhost:8080/index.html" },
                    AllowedCorsOrigins =     { "http://localhost:8080" },

                    AllowedScopes =
                    {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    }
                },
                //new Client
                //{
                //    ClientId = "js2",
                //    ClientName = "js2",
                //    ClientSecrets = new List<Secret> { secret },
                //    Enabled = true,
                //    AllowedGrantTypes = new List<string> { "authorization_code" }, //DELTA //IdentityServer3 wanted Flow = Flows.AuthorizationCode,
                //    RequireConsent = true,
                //    AllowRememberConsent = false,
                //    RedirectUris =           { "http://localhost:8080/callback.html" },
                //    PostLogoutRedirectUris = { "http://localhost:8080/index.html" },
                //    AllowedCorsOrigins =     { "http://localhost:8080" },
                //    AccessTokenType = AccessTokenType.Jwt,

                //    AllowedScopes =
                //    {
                //        IdentityServerConstants.StandardScopes.OpenId,
                //        IdentityServerConstants.StandardScopes.Profile,
                //        "api1"
                //    }
                //},
                new Client{
                   ClientName = "健蓓聊天室",
                   ClientId = "jianbei.chatroom",
                   AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
                   ClientSecrets =
                   {
                       new Secret("jianbei.secret".Sha256())
                   },
                   AllowedScopes =
                   {
                        IdentityServerConstants.StandardScopes.OpenId, //必须要添加，否则报forbidden错误
                        IdentityServerConstants.StandardScopes.Profile
                   }
                }
            };
        }

        public static List<TestUser> GetUsers()
        {
            return new List<TestUser> {
                new TestUser
                {
                    SubjectId = "1",
                    Username = "admin",
                    Password = "admin@123"
                },
                new TestUser
                {
                    SubjectId = "2",
                    Username = "bob",
                    Password = "admin@123"
                }
            };
        }

        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            return new List<IdentityResource>
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile()
            };
        }

        public static List<IdentityRole> GetRoles()
        {
            return new List<IdentityRole>
            {
                new IdentityRole("超级管理员"){ NormalizedName = "supperadmin"},
                new IdentityRole("管理员"){ NormalizedName = "admin"},
            };
        }
    }
}
